A large number of merchants and retail companies (including large, medium and small sized merchants and retailers) are losing millions of dollars (both directly and indirectly) as a result of POS system breaches caused by POS malware (malicious software) which is using the RAM scraping technique to siphon credit card data from compromised devices. RAM scraping involves extracting credit card information from the volatile (RAM) memory of the POS system.
Currently the problem is addressed by various vendors of security and anti-fraud (AF) solutions. Some security vendors are offering standard anti-virus (AV) and anti-malware (AM) solutions. However, most of the merchants and retailers do not install these solutions because of performance (e.g., these solutions are very resource demanding and degrade the ability of POS systems to process high amounts of transactions per day) and reliability (e.g., the most successful AV and AM solutions can detect, on average, less than 40% of current threats) issues.
Most of the AF solutions vendors are offering post breach services in the form of providing lists of compromised credit card numbers (e.g., collected by intelligence agents from the underground forums and stolen credit cards marketplaces) to the issuing financial institutions so they can blacklist and block them.
These solutions are evidently not good enough as the number of credit card breach related incidents are constantly on the rise (e.g., especially in the U.S.).